#!/bin/bash

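# Install the prerequisite packages. A failure is reported on stderr but does
# not stop the script, matching the original flow.
if ! yum install -y dkms libpcap tcp_wrappers ppp; then
  printf 'warning: yum install reported a failure; later steps may not work\n' >&2
fi

# Enable IPv4 forwarding persistently and load it into the running kernel.
# An in-place substitution alone does nothing when /etc/sysctl.conf has no
# active net.ipv4.ip_forward line (key absent, or present only in a comment),
# so the setting is appended in that case.
if grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=' /etc/sysctl.conf; then
  sed -i 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=.*/net.ipv4.ip_forward = 1/' /etc/sysctl.conf
else
  printf 'net.ipv4.ip_forward = 1\n' >> /etc/sysctl.conf
fi
sysctl -p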

# iptables: reset every table, then add NAT and MSS clamping for VPN clients.
#
# NOTE(review): this discards whatever ruleset the host had and leaves every
# built-in chain with policy ACCEPT, so after the save below the persistent
# ruleset consists of just the two rules added here. If the host is meant to
# keep a restrictive policy, PPTP needs TCP 1723 and GRE (IP protocol 47)
# permitted; decide that before running this on an exposed machine.

# Flush one table, delete its user-defined chains, and set each listed
# built-in chain to policy ACCEPT.
#   $1    table name
#   $2..  built-in chains of that table
reset_table() {
  local table=$1 chain
  shift
  iptables -t "$table" -F
  iptables -t "$table" -X
  for chain in "$@"; do
    iptables -t "$table" -P "$chain" ACCEPT
  done
}

reset_table nat PREROUTING POSTROUTING OUTPUT
reset_table mangle PREROUTING INPUT FORWARD OUTPUT POSTROUTING
# "filter" is the table iptables uses when -t is omitted.
reset_table filter FORWARD INPUT OUTPUT
reset_table raw PREROUTING OUTPUT

# NOTE(review): the masquerade source (10.0.0.0/8) is wider than the
# 10.66.0.0/16 range used for the MSS clamp; any 10.x source forwarded out of
# eth0 gets NATed, not only VPN clients. Confirm that is intended.
nat_source=10.0.0.0/8
mss_source=10.66.0.0/16
iptables -t nat -A POSTROUTING -o eth0 -s "$nat_source" -j MASQUERADE
#iptables -I FORWARD -p tcp --syn -i ppp+ -j TCPMSS --set-mss 1356
iptables -A FORWARD -p tcp --syn -s "$mss_source" -j TCPMSS --set-mss 1356

# Persist the ruleset through the init script, then reload it.
/etc/init.d/iptables save
/etc/init.d/iptables restart

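# Download and install the pptpd package.
#
# The package is fetched over plain HTTP and this script carries no digest or
# signature for it, so the download by itself is not authenticated. Set
# PPTPD_RPM_SHA256 to the package's SHA-256, obtained out of band, and the
# install is refused on mismatch; without it the script only warns.
#
# The file is written under an explicit name in a fresh temporary directory:
# with a bare `wget URL`, a same-named file already in the working directory
# makes wget save to "<name>.1", and rpm would then install the old file.
# The downloaded file is removed afterwards instead of being left behind.
pptpd_rpm_name='pptpd-1.3.4-2.rhel5.x86_64.rpm'
pptpd_rpm_url="http://poptop.sourceforge.net/yum/stable/packages/${pptpd_rpm_name}"

pptpd_rpm_dir=$(mktemp -d) || {
  printf 'error: could not create a temporary directory\n' >&2
  exit 1
}
pptpd_rpm_file="${pptpd_rpm_dir}/${pptpd_rpm_name}"

if ! wget -O "$pptpd_rpm_file" "$pptpd_rpm_url"; then
  printf 'error: download of %s failed\n' "$pptpd_rpm_url" >&2
  rm -rf -- "${pptpd_rpm_dir:?}"
  exit 1
fi

if [[ -n "${PPTPD_RPM_SHA256:-}" ]]; then
  # Compare in lower case; sha256sum prints lower-case hex.
  pptpd_rpm_want=$(printf '%s' "$PPTPD_RPM_SHA256" | tr 'A-F' 'a-f')
  pptpd_rpm_have=$(sha256sum "$pptpd_rpm_file" | awk '{print $1}')
  # An empty digest (sha256sum missing or failed) also lands here: fail closed.
  if [[ "$pptpd_rpm_have" != "$pptpd_rpm_want" ]]; then
    printf 'error: SHA-256 mismatch for %s; not installing\n' "$pptpd_rpm_name" >&2
    rm -rf -- "${pptpd_rpm_dir:?}"
    exit 1
  fi
else
  printf 'warning: PPTPD_RPM_SHA256 is not set; installing %s without an integrity check\n' \
    "$pptpd_rpm_name" >&2
fi

# rpm -i also fails when the package is already installed, so a failure here
# is reported but does not stop a re-run.
if ! rpm -ihv "$pptpd_rpm_file"; then
  printf 'warning: rpm reported a failure installing %s\n' "$pptpd_rpm_name" >&2
fi
rm -rf -- "${pptpd_rpm_dir:?}"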

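# Configuration files
#
# Every write below is idempotent: running the script again does not stack
# duplicate lines onto the files, which plain `cat >> file` would do.
#
# NOTE(review): PPTP, with its usual MS-CHAPv2/MPPE authentication and
# encryption, is regarded as cryptographically weak. Strong secrets limit
# guessing but do not change that; weigh it against what the tunnel carries.

# Append a line to a file unless an identical line is already there.
#   $1  file (created if missing)
#   $2  exact line to ensure
append_line_once() {
  local file=$1 line=$2
  grep -qxF -- "$line" "$file" 2>/dev/null || printf '%s\n' "$line" >> "$file"
}

# Add a CHAP account with a freshly generated secret unless the user already
# has an entry. The secret is never printed; read it from the secrets file.
#   $1  user name
# Returns non-zero when no secret could be generated.
add_vpn_account() {
  local user=$1 secrets=/etc/ppp/chap-secrets password
  if grep -Eq "^${user}[[:space:]]" "$secrets" 2>/dev/null; then
    # An existing entry is left untouched, including a weak one written by an
    # earlier run of this script; rotate such entries by hand.
    return 0
  fi
  password=$(LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 24)
  if [[ ${#password} -ne 24 ]]; then
    printf 'error: could not generate a secret for %s\n' "$user" >&2
    return 1
  fi
  # NOTE(review): the server and address fields stay "*" as before, so the
  # account is accepted for any server name and from any address.
  printf '%s  *  %s  *\n' "$user" "$password" >> "$secrets"
}

# Address the server uses on the tunnel and the pool handed out to clients.
append_line_once /etc/pptpd.conf 'localip 10.66.0.1'
append_line_once /etc/pptpd.conf 'remoteip 10.66.0.2-200'

# Accounts. The secrets used to be hard-coded here and equal to the user
# names; they are now generated per host. The file is created and kept
# readable by root only.
( umask 077; touch /etc/ppp/chap-secrets )
chmod 600 /etc/ppp/chap-secrets
add_vpn_account mazha
add_vpn_account vpn

# pppd options for pptpd sessions.
# NOTE(review): "debug" makes pppd log the contents of control packets and
# "dump" prints every option value that is set; decide whether that level of
# logging should stay on after initial setup.
append_line_once /etc/ppp/options.pptpd 'debug'
append_line_once /etc/ppp/options.pptpd 'dump'
# NOTE(review): clients are pointed at 10.66.0.1 for DNS, but this script does
# not set up a resolver on that address; confirm one listens there.
append_line_once /etc/ppp/options.pptpd 'ms-dns 10.66.0.1'
append_line_once /etc/ppp/options.pptpd 'ms-dns 8.8.8.8'
# NOTE(review): no authentication or encryption requirement (for example
# require-mschap-v2, require-mppe-128) is set here; presumably the packaged
# options.pptpd supplies them. Confirm before exposing the service.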

# Enable pptpd at boot in runlevels 3, 4 and 5, then restart it now.
pptpd_service=pptpd
chkconfig --level 345 "$pptpd_service" on
service "$pptpd_service" restart

 